Bug ID 542751: In portal access mode, APM may not handle mangled requests for SAML URLs

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:

Opened: Sep 01, 2015

Severity: 3-Major


Mangled SAML SSO requests (e.g. '/f5-w-...$$/saml/idp/profile/redirectorpost/sso') are processed internally by APM instead of being forwarded in internal server. As a result, an error is logged in /var/log/apm: "SSOv2 Error: No SP Connector attached to SAML SSO from assigned SAML resources matching authentication request."


SAML SSO will not work.


All conditions must be met: - BIG-IP1 is configured for portal access. - BIG-IP2 is used as SAML Service Provider. - BIG-IP2 must be located behind portal rewrite. - User attempts to initiated SAML SSO on Service Provider.



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips